package com.fanjia.security01demo.service.Impl;

import com.fanjia.security01demo.dao.UserDao;
import com.fanjia.security01demo.entity.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

/**
 * @author fanjia
 * @className UserDetailsImpl
 * @description TODO
 * @date 2021/3/26 23:42
 */
@Service
public class UserDetailsImpl implements UserDetailsService {
    @Autowired
    private UserDao userDao;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        // 从数据库尝试读取该用户
        User user = userDao.query(username);
        // 用户不存在，抛出异常
        if (user == null) {
            throw new UsernameNotFoundException("用户不存在");
        }
        // 将数据库形式的roles解析为UserDetails的权限集
        // AuthorityUtils.commaSeparatedStringToAuthorityList()是Spring Security提供的
        // 该方法用于将逗号隔开的权限集合字符串切割成可用权限对象列表
        // 当然也可以自己实现，如用分号来隔开等，参考generateAuthorities

        user.setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList("admin"));

        return user;
    }
}
